Full Disk Encryption: Ghana Market Yields Northrop Grumman Hard Drive

Journalists have found a computer hard drive that contained sensitive documents belonging to US defense contractor Northrop Grumman. They found this disk drive--of all places--in a market in Ghana. The disk didn't feature hard drive encryption software like AlertBoot, so the contents were readily accessible. The cost? $40.

What Type of Information?

It may be a fluke or it might be a worrisome sign; however, one thing's for sure: Northrop was pretty lucky that the drive was found by reporters working for Frontline, the investigative journalism show for PBS (and one of the reasons for supporting this TV channel--beats Fox News or CNN any day of the week, in my opinion).

While the contents of those drives were not revealed, it was disclosed that the electronic documents were marked as "competitive sensitive." That sounds like contracts were and other competitive practices were involved, and thankfully, it implies that, if crap were to hit the fan, it would have been Northrop Grumman that would have been most affected.

On the other hand, a well-written contract gives one enough details to know what's going on. It may not be as good as a weapon's blueprint, but it could give outsiders a good idea on what to expect in terms of future armament or shields, or what type of research and development is being carried out.

Plus, other information was recorded as well, such as "how to recruit airport screeners" and "data security practices."

Disposal Contractors

Northrop Grumman has announced that they don't know how the drive could have ended up in Ghana. The drive belonged to an employee in Fairfax, Virginia, and it's a long way from the suburbs of DC to the Dark Continent.

I think the assumption is that an outside contractor that was supposed to dispose of the hard drive did not. Whether this was an accident, an egregious breach of duty, or theft...who knows?

This is the funny thing, though: it's weird for a used hard drive to end up in Africa. For example, if I were an employee who had filched a hard drive from work, just to sell on eBay, you can bet I wouldn't be sending things to a continent that includes Nigeria (sorry, Nigeria, but your country's name is tied to scams for the time being, even if it's unwarranted).

About the only way that I could imagine an American hard drive ending up in Africa? If it were one of a batch of used hard drives. The truth is, many developing countries are dumping grounds for electronic waste, which are reclaimed for the precious metals and other materials that are contained in them.

A batch of hard drives implies...well, that perhaps Northrop should possibly be worried about other hard drives that were not uncovered by the journalists.

Using Encryption Until The End

There's a problem with recommending that disk drives be protected with encryption software when they're about to be discarded into the maw of a crushing and grinding machine. It doesn't seem to make sense. What's the use? Who's going to glue together a mound of fine sand and metal together, and return it to its previous, uncrushed state? Is it even possible?

On the other hand, it doesn't make sense only because one makes the assumption that the disk will, indeed, be destroyed. As the above case shows, there is no such guarantee. Had Northrop been paranoid enough, it would have encrypted their computers' disks while in use, and kept them encrypted when they were sent to be destroyed.

And, if someone had stolen one of these disks to drive his business on the side, the contents of Northrop's drives would have remained safe.

If that's not an option, at least Northrop should have contracted out the job to a business that will drive the crushing machine to Northrop's facilities. They'll crush the drives on-site, while an employee watches, and issue certificates with serial numbers and the works for auditing purposes.

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading
provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing
support of the AlertBoot disk encryption managed service.
Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts
University in Medford, Massachusetts, U.S.A.